Ip failover question

thank you, this has worked I believe thanks

http://www.ip-adress.com/ and RIPE both show as UK (got the first one back in a email from support) which is wierd, I will give it a week should be okay.

Hmm... I'm taking a blind stab at this so I'm not sure if this will work.

where "1.1.1.1" is the first IP (failover or main) and "1.1.1.2" is the second IP (failover).

The idea any traffic destined (PREROUTING + "-d") to IP 1.1.1.1 gets marked with a "0x1", and so on for the other IP(s).

If SNAT notices outgoing traffic on eth0 marked as "0x1", it will make it appear as if it came from 1.1.1.1, and so on.

Oh, PS: If you're going to try this, don't use the main IP for now until you're sure it works

Tinyproxy listening on all interfaces. I want the outbound connection to go from the same IP as I connect into.

Showing as France there too.

Great! Head on over to http://whatismyipaddress.com; they use a recent GeoIP database...

Works, lovely, cheers man.

Edit: Only problem now is that the IP Failover is showing france as the country code when showing England in the OVH Manager. Wierd. Will pop in a ticket for that.

Hmm, interesting. I'm trying to figure out why that is (perhaps too early in the morning to do that... )

Try this:
Where "1.2.3.4" is your failover IP. I guess you may have to add a match (-m) for the traffic on port 80 when it is tunnelled.

Using putty as a socks proxy:
http://www.virtualroadside.com/blog/...y-using-putty/

I can use that but even if I have the NAT forward all ports (using the above script) it still shows as the server IP and not the failover IP.

Works fine when using Lynx using SSH, but not using socks through putty.

I'm not sure if I understand your question Can you give a scenario (and the proxy product name)?

The code above is working well thanks.. Now how could I get it to work on my proxy and magically go out on the IP that I proxy in to ? Tough one

Try this instead (you need to speficy "-t nat"):

Where's the socks proxy located?

Used the commands above and there appears to be no change:

iptables -L output:
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


Any ideas? No nat rule in there (or is it seperate somewhere?)

Edit: works in lynx, but not when I use SSH and a socks proxy.

In theory it would be, but I think that in practice you'll probably be pulling your hairs trying to get that accomplished

That is nice
Is there a way only one of the two users have different ip from the other user?

Quick response!

Yeah that is what I meant. I want the IP failover to appear on ip-adress etc.. Not only the primary ip.

Are you using Linux? If so, you can use the SNAT function of iptables (there's also MASQUERADE, but since a good portion of us only have 1 nic, let's stick to SNAT).

For example, to make ALL outgoing traffic appear as coming from IP 1.2.3.4:

To make outgoing web traffic (to port 80) appear as coming from IP 1.2.3.4:

To make outgoing traffic form a particular internal IP 192.168.0.1 (ie., when using a dummy interface or virtualisation) appear as coming from IP 1.2.3.4:

Your only limitation is that the "--to" must have a valid IP address, or else they'll disappear in a big black hole somewhere inside OVHs routers/switches - only Oles knows about this place So, "1.2.3.4" has to be replaced with an actual failover IP address.

The other thing is that "-o eth0" isn't completely necessary, but it avoids the SNAT being applied on internal traffic, which is something you might not want.

I'm using this method for web browsing traffic, so I'm sent to Google UK instead of Google France (and similar for other sites).

Recently I had some trouble with this. Seems to me as if OVH is always going out on the primary IP.

You'd have to bind that failover IP to the server, I could help more if I knew what kind of software you're running on the server and what you mean by sites (ie. ftp, proxy, bnc, etc.)

Hi there,
I wanna know if there is any way so other sites see my failover IP instead of my real IP when logging in to their sites through my server.